Alert GCSA 18091 - Microsoft Security Update Novembre 2018
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-18091
Data: 15 Novembre 2018
Titolo: Microsoft Security Update Novembre 2018
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato vari aggiornamenti mirati a risolvere numerose
vulnerabilita' presenti nei sistemi operativi Windows e in vari software
applicativi.
Maggiori dettagli sono disponibili nella segnalazione ufficiale alla
sezione "Riferimenti".
:: Software interessato
Internet Explorer
Microsoft Edge
Microsoft Windows
Microsoft Office and Microsoft Office Services and Web Apps
ChakraCore
.NET Core
Skype for Business
Azure App Service on Azure Stack
Team Foundation Server
Microsoft Dynamics 365 (on-premises) version 8
PowerShell Core
Microsoft.PowerShell.Archive 1.2.2.0
:: Impatto
Varie possibilita' di attacco remoto per sfruttare alcune delle
vulnerabilita' e ottenere l'accesso al sistema.
:: Soluzioni
Per default l'installazione degli aggiornamenti avviene in maniera
automatica.
Microsoft Security Update Guide
https://portal.msrc.microsoft.com/en-us/security-guidance/
Gli aggiornamenti sono disponibili anche tramite il catalogo di Microsoft
Update https://www.catalog.update.microsoft.com/Home.aspx
:: Riferimenti
Microsoft Security update deployment information
https://support.microsoft.com/en-us/help/20181113/security-update-deployment-information-november-13-2018
Microsoft October 2018 Security Updates
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/ff746aa5-06a0-e811-a978-000d3a33c573
Microsoft Security Update Summary
https://portal.msrc.microsoft.com/en-us/security-guidance/summary
CERT Nazionale
https://www.certnazionale.it/news/2018/11/14/aggiornamenti-di-sicurezza-per-prodotti-microsoft-novembre-2018/
US-CERT
https://www.us-cert.gov/ncas/current-activity/2018/11/13/Microsoft-Releases-November-2018-Security-Updates
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8407
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8408
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8454
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8545
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8558
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8563
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8565
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8566
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8573
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8578
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8579
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8581
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8592
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlvtXpgACgkQwZxMk2USYEIyXwCfRrRzzOpx2pkVzHVP8mxc8La4
ZTIAnRNo7Yij/sEdRRFIxEkH7F6h6R9s
=eqO5
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-18091
Data: 15 Novembre 2018
Titolo: Microsoft Security Update Novembre 2018
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato vari aggiornamenti mirati a risolvere numerose
vulnerabilita' presenti nei sistemi operativi Windows e in vari software
applicativi.
Maggiori dettagli sono disponibili nella segnalazione ufficiale alla
sezione "Riferimenti".
:: Software interessato
Internet Explorer
Microsoft Edge
Microsoft Windows
Microsoft Office and Microsoft Office Services and Web Apps
ChakraCore
.NET Core
Skype for Business
Azure App Service on Azure Stack
Team Foundation Server
Microsoft Dynamics 365 (on-premises) version 8
PowerShell Core
Microsoft.PowerShell.Archive 1.2.2.0
:: Impatto
Varie possibilita' di attacco remoto per sfruttare alcune delle
vulnerabilita' e ottenere l'accesso al sistema.
:: Soluzioni
Per default l'installazione degli aggiornamenti avviene in maniera
automatica.
Microsoft Security Update Guide
https://portal.msrc.microsoft.com/en-us/security-guidance/
Gli aggiornamenti sono disponibili anche tramite il catalogo di Microsoft
Update https://www.catalog.update.microsoft.com/Home.aspx
:: Riferimenti
Microsoft Security update deployment information
https://support.microsoft.com/en-us/help/20181113/security-update-deployment-information-november-13-2018
Microsoft October 2018 Security Updates
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/ff746aa5-06a0-e811-a978-000d3a33c573
Microsoft Security Update Summary
https://portal.msrc.microsoft.com/en-us/security-guidance/summary
CERT Nazionale
https://www.certnazionale.it/news/2018/11/14/aggiornamenti-di-sicurezza-per-prodotti-microsoft-novembre-2018/
US-CERT
https://www.us-cert.gov/ncas/current-activity/2018/11/13/Microsoft-Releases-November-2018-Security-Updates
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8407
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8408
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8454
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8545
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8558
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8563
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8565
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8566
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8573
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8578
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8579
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8581
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8592
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlvtXpgACgkQwZxMk2USYEIyXwCfRrRzzOpx2pkVzHVP8mxc8La4
ZTIAnRNo7Yij/sEdRRFIxEkH7F6h6R9s
=eqO5
-----END PGP SIGNATURE-----